Information Security Systems Engineer

About L3Harris

L3Harris is dedicated to recruiting and developing high-performing talent who are passionate about what they do. Our employees are unified in a shared dedication to our customers’ mission and quest for professional growth. L3Harris provides an inclusive, engaging environment designed to empower employees and promote work-life success. Fundamental to our culture is an unwavering focus on values, dedication to our communities, and commitment to excellence in everything we do.

L3Harris is the Trusted Disruptor in defense tech. With customers’ mission-critical needs always in mind, our employees deliver end-to-end technology solutions connecting the space, air, land, sea and cyber domains in the interest of national security.

Job Details

Job Title: Information Security Systems Engineer

Job Code: 36153

Job Location: Ft. Wayne, IN; Palm Bay, FL; Wilmington, MA

Job Schedule: 9/80

Job Description

Applies current systems security engineering methods, practices and technologies to the architecture, design, development, evaluation and integration of systems and networks to maintain system security. Works closely with Government customers to ensure that the security protection needs, concerns and requirements are defined and implemented with appropriate fidelity and rigor, early and in a sustainable manner throughout the life cycle of system that will allow for the security authorization of the system of interest. Works with systems developers or commercial product vendors in the design and evaluation of state-of-the-art secure systems, networks, and database products. Uses methods such as encryption technology, vulnerability analysis and security management. Responsible for integration of multiple methods into a cohesive system security perimeter and environment and the policies and procedures necessary to monitor and maintain such an environment. Will prepare Certification and Accreditation documentation, using multiple standards under RMF and derivative processes (DOD 8510, JSIG, ICD-503, CNSSI 1253), to achieve security authorization of supported systems. Represents program security needs, concerns and requirements at customer meetings.

Essential Functions

• Perform Risk Management Framework (RMF) accreditation and authorization (A&A) processes to include RMF steps 1-4 (categorization, controls selection, control implementation, security assessment) and standard body of evidence (BoE) package development.
• Document security control inheritance in terms of IaaS, PaaS and SaaS relationships.
• Perform DoD-approved software selection and approval processes for COTS, GOTS and FOSS.
• Apply and verify DISA SRGs and STIGs.
• Support security engineering activities, including basis of estimate development, requirements development, design, test, configuration management and maintenance of information systems and data.
• Assist program security in the development of policies and procedures for emerging security technologies.
• Support vulnerability assessment activities as required.
• Support the evaluation, qualification, testing and delivery of security architecture improvement, obsolescence replacement and vulnerability response projects.
• This position is performed 100% onsite and cannot be performed remotely.

Qualifications

• Bachelor’s Degree and minimum 6 years of prior relevant experience. Graduate Degree and a minimum of 4 years of prior related experience. In lieu of a degree, minimum of 10 years of prior related experience.
• Must have active Secret/SCI security clearance, with TS/SCI (or SCI eligible) Security Clearance being highly desired.
• DoD 8140.03 IASAE Level 2 certification.

Preferred Additional Skills

• Support spacecraft design using technical areas:
  • Physics: Newton’s laws of motion, optics, heat flow.
  • Electrical: voltage, current, resistance, AC/DC, batteries.
  • Electronics: resistors, capacitors, inductors, transistors.
  • Computers: RAM, CPU, I/O, storage, operating systems.
  • Mathematics: algebra, trigonometry, statistics.
• Support Static Application Security Testing (SAST) for Application Security and Development STIG compliance using tools such as Fortify and Gitlab as part of a DevSecOps Continuous Integration/Continuous Deployment (CI/CD) Pipeline, and generation of summary reports.